By many measures, 2017 was a rough year for cybersecurity with large, brazen phishing attacks negatively impacting governments and companies around the world. Even some of the most supposedly cyber-secure organizations such as Google, Yahoo, Verizon, Virgin America and Equifax fell victim to large data breaches in the past year.
As expected, the onslaught of threats exploiting email phishing as the primary attack vector is highly likely to continue in 2018 as hackers become more sophisticated, legacy technologies struggle to provide adequate security and even cyber-aware humans remain susceptible to chicanery.
Such are the primary reasons that 90 percent of all cybersecurity attacks start with email phishing. According to the 1st Half 2017 Phishing Activity Trends Report by the Anti-Phishing Workgroup, there were roughly 100,000 unique phishing email reports per month (2H 2017 data not yet available). The report also found that “several hundred companies are being targeted regularly, at least every few weeks.” And as we know, once hackers gain access to the right information, they can penetrate even the most advanced security systems.
So, what's ahead for phishing in 2018? Here are the top 5 phishing-related challenges that will impact cybersecurity in 2018:
1. More SMS text and social media phishing
Phishing attacks against mobile devices are on the rise and are expected to increase in 2018. Also known as "smishing," SMS-based phishing aims to gather sensitive information from mobile users via text messaging. With more than 2 billion smart phone users worldwide sending 20 billion text messages per day and opening most of them in an average of 3 seconds, it's a prime opportunity for hackers.
Hackers are perpetrating more text attacks because there aren't many tools to protect SMS messages. Many mobile users also aren't aware that phishing scams can come via text, thus they're more likely to click on fake links in a text than they are in an email.
Social media attacks are also on the rise. Proofpoint noted in a recent report that social media phishing attacks rose more than 500 percent in the last quarter of 2016. One growing trend is for attackers to use fraudulent accounts and pose as customer service for big name brands. Attackers are also using phishing bots and automated technologies to scrape social media for information to be used in targeted attacks.
2. Traditional email security safeguards will fail
As phishing scams become more complex, traditional email security will become even more obsolete in 2018. Business Email Compromise (BEC) scams reached record levels in 2017, fueled by email impersonation, spoofing and spear-phishing. According to the FBI, documented BEC scams increased 2,370 percent between January 2015 and December 2016 and have so far resulted in more than $5.3 billion in losses.
Most traditional email security systems can not detect the latest socially-engineered attacks because they mainly rely on content scanning and signatures to analyze messages. But some attackers don't even need to use malicious links if they assume the identity of a trusted person. Such emails often appear to come from clients, co-workers and managers and can be almost impossible for people or technology to recognize. Mailsploit, a phishing vulnerability that gained popularity in 2017, can spoof email addresses to both the user and the email server, making email filters all but obsolete.
3. Cyber-criminals and nation states will perpetrate more cloud-based attacks
Due to rising adoption of the cloud, more cloud-based phishing attacks are expected in 2018. A white paper by Avanan noted that impersonation is easier with SaaS platforms. Since users are constantly being asked to authenticate their account, and the uniformity means hackers can open their own account to test methods until they can bypass filters.
Gmail suffered a mass phishing attack in the summer of 2017 with an authentic-looking email that asked for permission and opened access to their email accounts and documents. The attack was unique in that it exploited Google's OAuth protocol to phish for information.
While organized criminals will perpetrate many of these attacks, Experian's 2018 Data Breach Industry Forecast noted financially-motivated nation states will increase attacks in the coming year. North Korea has been accused of initiating a number of attacks in recent years, including the WannaCry ransomware attack and the 2014 hack of Sony Pictures Entertainment, among others.
4. Legacy technology won't keep pace
Sophisticated phishing attacks are being designed to bypass security, and legacy systems simply can't keep pace. These increasingly complex scams can now bypass firewalls, gateway security scans and spam filters with ease. Outdated systems have been blamed for a number of security failures in recent years, and studies indicate that old systems in government and in private sector industries such as healthcare and financial services are leaving organizations exposed.
Organizations will need to upgrade in 2018 and tap into machine learning capabilities to fight the continuing complexity of phishing attacks.
5. The threat of ransomware will grow
Ransomware remains one of the most dangerous cyber threats facing organizations and consumers and that's expected to continue in 2018. According to McAffee Labs 2018 Threats Predictions Report, the coming year will see more growth in malware and ransomware as criminals exploit it for financial gain. A report by Cybersecurity Ventures noted that ransomware damages are expected to exceed $11.5 billion annually by 2019, up from only $5 billion 2017.
Because phishing can be so successful, hackers are turning to it as the primary means of injection. Sophos noted in its 2018 malware forecast that attacks are being driven by growth in RaaS (ransomware as a service) which offers malware kits that anyone can use, regardless of skill.